IT Teams Grapple with Shadow IT, Cyberattacks, and AI Uncertainty

Jul 17, 2024 | News, Privacy, Security

SOURCE: JumpCloud

A new report from JumpCloud reveals that small and medium-sized enterprise (SME) IT teams are facing a complex landscape of challenges, from the rise of shadow IT to persistent cybersecurity threats and the uncertain impact of artificial intelligence.

Shadow IT, the use of unauthorized applications and resources has emerged as a significant concern for IT teams. A staggering 84% of SMEs express worry about applications managed outside of IT, with 35% reporting they’re “very concerned.” This trend is exacerbated by the proliferation of cloud applications and the growing adoption of AI tools.

The reasons for not addressing shadow IT vary, with 36% of respondents citing more pressing priorities, while 31% struggle to keep pace with rapidly changing business user needs. Notably, 32% lack the ability to discover all applications used by employees, highlighting a critical visibility gap.

Cybersecurity remains a persistent threat, with nearly half (45%) of SMEs falling victim to attacks in the first half of 2024. Phishing remains the most common attack vector (43%), followed closely by shadow IT (37%) and stolen or lost credentials (33%).

Despite their best efforts, 49% of IT teams report that their organizations lack the necessary resources and staffing to adequately secure against cybersecurity threats despite their best efforts. This resource gap leaves many SMEs vulnerable in an increasingly hostile digital environment.

The report also sheds light on the complex device landscape IT teams must manage. On average, SME environments consist of 24% macOS devices, 18% Linux devices, and 63% Windows devices. This diversity creates challenges for centralized management and security enforcement.

The proliferation of digital identities and access points has led to widespread credential fatigue. A mere 26% of employees can access all their IT resources with just one or two passwords, while an alarming 17% must manage 10 or more. This complexity not only impacts productivity but also increases security risks.

In response to these challenges, 84% of IT teams express a strong preference for a single, centralized platform to manage user identity, access, and security, rather than juggling multiple-point solutions.

The relationship between SMEs and managed service providers (MSPs) continues to evolve. While 76% of SMEs rely on MSPs for at least some functions, expectations are rising. 

The impact of AI on IT operations remains a topic of debate and uncertainty. Opinions are split, with 22% of IT professionals believing AI’s impact will be lower than anticipated, while 23% now see its potential as even greater than previously thought. Despite the potential benefits, 61% of respondents agree that AI is outpacing their organization’s ability to protect against associated threats.

As IT teams navigate this complex landscape, they face mounting pressure to secure their organizations while enabling productivity and innovation. The report underscores the need for improved visibility, centralized management tools, and robust security measures to address the challenges posed by shadow IT, diverse device environments, and evolving cyber threats.

With 71% of IT professionals warning that cuts to their security budget would increase organizational risk, it’s clear that continued investment in IT resources and security measures is crucial. As SMEs look to the future, finding the right balance between security, efficiency, and innovation will be key to navigating the ever-changing IT landscape.

Click here to view more IT Briefcase content!

Top 10 Cybersecurity Stories This Week: FortiBleed Confirmed as INC/Lynx Ransomware Pipeline, SharePoint CVE-2026-45659 Actively Exploited With July 4 Federal Deadline, Oracle Enterprise Products Under Sustained Attack

Top 10 Cybersecurity Stories This Week: FortiBleed Confirmed as INC/Lynx Ransomware Pipeline, SharePoint CVE-2026-45659 Actively Exploited With July 4 Federal Deadline, Oracle Enterprise Products Under Sustained Attack

July 3, 2026 | ITBriefcase.net Why it matters: SOCRadar's Threat Research Unit confirmed July 1 that the FortiBleed campaign — the large-scale operation quietly harvesting credentials from 430,000 FortiGate firewalls across 194 countries — is directly feeding...

read more
Top 10 Cybersecurity Stories This Week: Operation Endgame Dismantles StealC/Amadey/SocGholish Infrastructure, Cisco Unified CM Zero-Day Drops Webshells, Mandiant Reveals Months-Long Cisco SD-WAN Zero-Day Campaign

Top 10 Cybersecurity Stories This Week: Operation Endgame Dismantles StealC/Amadey/SocGholish Infrastructure, Cisco Unified CM Zero-Day Drops Webshells, Mandiant Reveals Months-Long Cisco SD-WAN Zero-Day Campaign

June 26, 2026 | ITBriefcase.net Why it matters: Europol, Microsoft, and law enforcement partners from six countries dismantled the infrastructure behind three malware families — SocGholish, Amadey, and StealC — that together form the opening stages of the modern...

read more
Top 10 Cybersecurity Stories This Week: Record Microsoft Patch Tuesday 200+ CVEs, Check Point VPN Zero-Day Linked to Qilin Ransomware, Ivanti Sentry CVSS 10.0 Exploited Within Hours of PoC Release

Top 10 Cybersecurity Stories This Week: Record Microsoft Patch Tuesday 200+ CVEs, Check Point VPN Zero-Day Linked to Qilin Ransomware, Ivanti Sentry CVSS 10.0 Exploited Within Hours of PoC Release

June 12, 2026 | ITBriefcase.net Why it matters: Microsoft's June 2026 Patch Tuesday, released June 9, addressed approximately 200 security vulnerabilities — the largest single Patch Tuesday release in the program's history — including one actively exploited Exchange...

read more